* GNU Shepherd 0.9.2 released
@ 2022-09-10 21:48 Ludovic Courtès
0 siblings, 0 replies; only message in thread
From: Ludovic Courtès @ 2022-09-10 21:48 UTC (permalink / raw)
To: guix-devel, guile-sources, guile-user, info-gnu
[-- Attachment #1: Type: text/plain, Size: 3773 bytes --]
We are pleased to announce the GNU Shepherd version 0.9.2. This is a
bug-fix release, representing 27 commits by 2 people over 4 months.
The GNU Daemon Shepherd or GNU Shepherd is a service manager written
in Guile that looks after the herd of system services. It provides
dependency-based management for system services: daemons such as
‘sshd’, programs such as Xorg, as well as user-provided actions. The
GNU Shepherd may also be used by unprivileged users to manage per-user
daemons—e.g., tor, privoxy, mcron, etc. It is written in Guile
Scheme, and is configured and extended using Guile.
The GNU Shepherd is developed jointly with the GNU Guix project; it is
used as the init system of Guix, GNU’s advanced GNU/Linux distribution.
Here are the compressed sources and a GPG detached signature[*]:
Use a mirror for higher download bandwidth:
Here are the SHA1 and SHA256 checksums:
[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:
gpg --verify shepherd-0.9.2.tar.gz.sig
If that command fails because you don't have the required public key,
then run this command to import it:
gpg --keyserver keys.openpgp.org \
and rerun the 'gpg --verify' command.
This release was bootstrapped with the following tools:
• Changes since version 0.9.1 (excerpt from the NEWS file)
** File descriptors used internally are now all marked as close-on-exec
Previously, services started indirectly with ‘exec-command’ (which is usually
the case) would not inherit any file descriptor from shepherd because
‘exec-command’ would explicitly close all of them. However, services started
with ‘make-system-constructor’ and processes created by some other means, such
as calling ‘system*’, would inherit some of those descriptors, giving them
more authority than intended.
The change here consists in marking all internally-used file descriptors as
“close-on-exec” (O_CLOEXEC), a feature that’s been available on GNU/Linux and
GNU/Hurd for years but that so far wasn’t used consistently in shepherd. This
is now fixed. As a side-effect, the file-descriptor-closing loop in
‘exec-command’ is now gone.
** Client connections with ‘herd’ are non-blocking
Previously, a misbehaving client could send an incomplete command
(s-expression), causing shepherd to hang while waiting for completion. (Note
that said client is required to run with the same UID as shepherd, so this was
not a security issue.)
** Directory of log file is created if it doesn’t exist
When a service constructor is passed ‘#:log-file "/var/log/foo/bar.log"’,
shepherd now created /var/log/foo if it doesn’t exist; previously it would
Please report bugs to email@example.com.
Join firstname.lastname@example.org for discussions.
Ludovic, on behalf of the Shepherd herd.
[[End of PGP Signed Part]]
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 853 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-09-10 21:48 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-10 21:48 GNU Shepherd 0.9.2 released Ludovic Courtès
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).